c00c81a5d3e2db2a061c95a86cb0ac8e_JaffaCakes118 | Triage

Sharing

General

Target

c00c81a5d3e2db2a061c95a86cb0ac8e_JaffaCakes118
Size

2.6MB
MD5

c00c81a5d3e2db2a061c95a86cb0ac8e
SHA1

bb05c3f304a820d9792b779a3c258c00d8a66473
SHA256

c8b5cc3cfda80b6bee6eec738063f204c12eb3c0ee1064a79d8c1e24c009b70b
SHA512

3d03291a363ddc311bc25377686621f910f0bff3d607830f447cac821455dedb7fd9d613723a79dc98ef9747a81cb2887c11905a6f847a86b7384e5067593bb4
SSDEEP

49152:b8KqXGhYN+oy9tw4XtItiITTuN/vaKMde3C7VwmSP3x2s5R2dWG6Jg:YL8++oybwJsUTtKu7Vq366Jg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/maoxian_setup.exe

Files

c00c81a5d3e2db2a061c95a86cb0ac8e_JaffaCakes118
.rar
maoxian_setup.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url